Thank you, I just bought the Kindle version. :-) BR, Andreas fre 13 okt. 2017 kl. 02:16 skrev Bryan Harris <bryanlhar...@gmail.com>:
> There is a book called relayd and httpd. I think it has what you need. > > V/r, > Bryan > > > > > On Oct 12, 2017, at 1:33 PM, Andreas Thulin <andreasthu...@gmail.com> > wrote: > > > > Hi! > > > > Before anything, thanks for yet another awesome OpenBSD release! I’ll > > extend my gratitude into the pockets of the Foundation and finally donate > > this time. > > > > Then: > > > > I’m a relayd virgin. Consider all the following a lab exercise, I want to > > learn and understand more. > > > > My target: > > Understanding how to score an A+ on the htbridge web server security > test. > > https://www.htbridge.com/websec/?id=BT1UmswV > > > > First objective: > > Set HTTP headers, such as > > > > CONTENT-SECURITY-POLICY > > X-CONTENT-TYPE-OPTIONS > > X-XSS-PROTECTION > > > > using relayd (since httpd can’t help out here). > > > > Assumptions etc: > > - I suppose only https traffic is in scope, since all http traffic is > > redirected to https. > > - Both httpd and relayd are (will be) run on the same 6.2 machine. > > - httpd runs just fine and scores an A+ on the htbridge TLS Server Test > > more or less out of the box. The web server test, however, was a > > disappointing F. :-) > > > > I’m only a mortal, so simply reading the relayd.conf man page and do some > > trial-and-error has so far only made me go all CAPS. I seek examples (of > > something similar to the above use-case), a guide, turorial, or even a > > how-to to make this happen. I can learn all the config options and > settings > > afterwards, and keep tweaking and understanding. > > > > Anyone? > > > > Humbly, > > Andreas >
